hazelcast/hazelcast-jet

Vulnerabilities in Elasticsearch 6.8.14 used by Jet

olukas opened this issue 3 years ago · 2 comments

olukas commented 3 years ago

Jet Elastic 6 connector uses Elasticsearch 6.8.14 which includes following vulnerabilities:

CVE-2021-22144 - https://nvd.nist.gov/vuln/detail/CVE-2021-22144 (it should be fixed by version 6.8.17)
CVE-2021-22137 - https://nvd.nist.gov/vuln/detail/CVE-2021-22137 (it should be fixed by version 6.8.15)
CVE-2021-22135 - https://nvd.nist.gov/vuln/detail/CVE-2021-22135 (it should be fixed by version 6.8.15)

mmedenjak commented 3 years ago

I see the commit has been merged so I assume this issue can be fixed. @gurbuzali can you confirm?

gurbuzali commented 3 years ago

yes, closing